package com.hyd.common.spring;

import java.util.ArrayList;
import java.util.Collection;
import java.util.HashMap;
import java.util.List;
import java.util.Map;

import javax.servlet.http.HttpServletRequest;

import org.apache.log4j.Logger;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.security.access.ConfigAttribute;
import org.springframework.security.access.SecurityConfig;
import org.springframework.security.web.FilterInvocation;
import org.springframework.security.web.access.intercept.FilterInvocationSecurityMetadataSource;
import org.springframework.security.web.util.matcher.AntPathRequestMatcher;
import org.springframework.security.web.util.matcher.RequestMatcher;

import com.hyd.admin.resource.domain.Resource;
import com.hyd.admin.resource.service.IResourceService;
import com.hyd.admin.role.domain.Role;
import com.hyd.admin.role.service.IRoleService;

public class CustomFilterInvocationSecurityMetadataSource implements
		FilterInvocationSecurityMetadataSource {
	/**
	 * Logger for this class
	 */
	private static final Logger logger = Logger
			.getLogger(CustomFilterInvocationSecurityMetadataSource.class);

	@Autowired
	private IRoleService roleService;
	@Autowired
	private IResourceService resourceService;

	private static Map<String, Collection<ConfigAttribute>> resourceMap = null;

	public void loadResourceDefine() throws Exception {
		
		resourceMap = new HashMap<String, Collection<ConfigAttribute>>();

		List<Resource> resourceList = resourceService.selectResourceList(null);
		for (Resource resi : resourceList) {
			List<ConfigAttribute> attrList = new ArrayList<ConfigAttribute>();
			for (Role rolei : roleService.selectRoleListByResource(resi
					.getResourceId())) {
				attrList.add(new SecurityConfig(rolei.getRoleName()));
			}
			resourceMap.put(resi.getResourcePath(), attrList);
		}
		/*
		 * //通过硬编码设置，resouce和role resourceMap = new HashMap<String,
		 * Collection<ConfigAttribute>>(); Collection<ConfigAttribute> atts =
		 * new ArrayList<ConfigAttribute>(); ConfigAttribute ca = new
		 * SecurityConfig("admin"); atts.add(ca);
		 * resourceMap.put("/jsp/admin.jsp", atts);
		 * resourceMap.put("/swf/zara.html", atts);
		 */
	}

	// According to a URL, Find out permission configuration of this URL.
	public Collection<ConfigAttribute> getAttributes(Object object)
			throws IllegalArgumentException {
		if (logger.isDebugEnabled()) {
			logger.debug("getAttributes(Object) - start"); //$NON-NLS-1$  
		}
		// guess object is a URL.
		HttpServletRequest request = ((FilterInvocation) object)
				.getHttpRequest();

		for (String resURL : resourceMap.keySet()) {

			RequestMatcher requestMatcher = new AntPathRequestMatcher(resURL);
			if (requestMatcher.matches(request)) {
				Collection<ConfigAttribute> returnCollection = resourceMap
						.get(resURL);
				if (logger.isDebugEnabled()) {
					logger.debug("getAttributes(Object) - end"); //$NON-NLS-1$  
				}
				return returnCollection;
			}
		}
		if (logger.isDebugEnabled()) {
			logger.debug("getAttributes(Object) - end"); //$NON-NLS-1$  
		}
		return null;
	}

	public boolean supports(Class<?> clazz) {
		return true;
	}

	public Collection<ConfigAttribute> getAllConfigAttributes() {
		return null;
	}
}